Hot News Database


- Hot News List 2017 -

 

Date

Title

Type

31.10.2017

W97M.Downloader.P

Malware

31.10.2017

Some Powershell Malicious Code

SANS News

31.10.2017

Google’s reCaptcha Cracked Again

Threatpost

31.10.2017

Flaw in Google Bug Tracker Exposed Reports About Unpatched Vulnerabilities

Threatpost

31.10.2017

Malicious Chrome Extension Steals Data Posted to Any Website

Threatpost

31.10.2017

Oracle Java SE - Web Start jnlp XML External Entity Processing Information... 

Exploit

31.10.2017

Ingenious 2.3.0 - Arbitrary File Upload 

Exploit

30.10.2017

[VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27

Bugtraq

30.10.2017

Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26

Bugtraq

30.10.2017

Remember ACE files?

SANS News

30.10.2017

Critical Patch For Oracle's Identity Manager

SANS News

30.10.2017

MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation 

Exploit

30.10.2017

Online Exam Test Application - 'sort' SQL Injection 

Exploit

30.10.2017

Php Inventory - Arbitrary File Upload 

Exploit

30.10.2017

Vastal I-Tech Agent Zone - SQL Injection 

Exploit

30.10.2017

Website Broker Script - 'status_id' SQL Injection 

Exploit

30.10.2017

Zomato Clone Script - 'resid' SQL Injection 

Exploit

30.10.2017

WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection 

Exploit

29.10.2017

"Catch-All" Google Chrome Malicious Extension Steals All Posted Data

SANS News

29.10.2017

Rockwell Automation Patches Wireless Access Point against Krack

Threatpost

29.10.2017

Apache OpenOffice Update Patches Four Vulnerabilities

Threatpost

29.10.2017

Tizen Studio 1.3 Smart Development Bridge < 2.3.2 - Buffer Overflow (PoC) 

Exploit

29.10.2017

Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference 

Exploit

27.10.2017

[VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27

Bugtraq

27.10.2017

Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26

Bugtraq

27.10.2017

October 2017 - Bamboo - Critical Security Advisory 2017-10-26

Bugtraq

27.10.2017

KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24

Bugtraq

27.10.2017

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24

Bugtraq

27.10.2017

[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24

Bugtraq

27.10.2017

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23

Bugtraq

27.10.2017

[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19

Bugtraq

27.10.2017

WPA2 Key Reinstallation Multiple Security Weaknesses

Vulnerability

27.10.2017

MIT krb5 CVE-2017-15088 Remote Buffer Overflow Vulnerability

Vulnerability

27.10.2017

Google Chrome CVE-2017-5090 Security Bypass Vulnerability

Vulnerability

27.10.2017

IBM Jazz Foundation CVE-2017-1164 Cross Site Scripting Vulnerability

Vulnerability

27.10.2017

OpenSSH CVE-2016-6515 Denial of Service Vulnerability

Vulnerability

27.10.2017

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability

Vulnerability

27.10.2017

Google V8 CVE-2017-15396 Stack Based Buffer Overflow Vulnerability

Vulnerability

27.10.2017

GNU wget CVE-2017-13089 Stack Buffer Overflow Vulnerability

Vulnerability

27.10.2017

GNU wget CVE-2017-13090 Heap Buffer Overflow Vulnerability

Vulnerability

27.10.2017

Apache OpenOffice Multiple Remote Code Execution Vulnerabilities

Vulnerability

27.10.2017

Multiple Pivotal Products CVE-2015-5170 Cross Site Request Forgery Vulnerability

Vulnerability

27.10.2017

ProxySG and ASG CVE-2016-9097 Remote Authorization Bypass Vulnerability

Vulnerability

27.10.2017

IBM DOORS Next Generation CVE-2017-1169 Cross Site Scripting Vulnerability

Vulnerability

27.10.2017

Ursnif Banking Trojan Spreading In Japan

SANS News

27.10.2017

Two Critical Vulnerabilities Found In Inmarsat’s SATCOM Systems

SANS News

27.10.2017

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow 

Exploit

27.10.2017

PHPMailer < 5.2.21 - Local File Disclosure 

Exploit

27.10.2017

Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference 

Exploit

26.10.2017

October 2017 - Bamboo - Critical Security Advisory 2017-10-26

Bugtraq

26.10.2017

KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24

Bugtraq

26.10.2017

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24

Bugtraq

26.10.2017

[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24

Bugtraq

26.10.2017

OpenSSH CVE-2016-6515 Denial of Service Vulnerability

Vulnerability

26.10.2017

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability

Vulnerability

26.10.2017

IBM Storwize V7000 CVE-2017-1375 Unified Information Disclosure Vulnerability

Vulnerability

26.10.2017

TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities

Vulnerability

26.10.2017

Redis CVE-2016-10517 Cross Site Scripting Vulnerability

Vulnerability

26.10.2017

IBM BigFix Platform Multiple Security Vulnerabilities

Vulnerability

26.10.2017

IBM OpenPages GRC Platform CVE-2016-3049 HTML Injection Vulnerability

Vulnerability

26.10.2017

Macro-less Code Execution in MS Word

SANS News

26.10.2017

Hackers Prepping IOTroop Botnet with Exploits

Threatpost

26.10.2017

BadRabbit Ransomware Attacks Hitting Russia, Ukraine

Threatpost

26.10.2017

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution... 

Exploit

26.10.2017

KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting 

Exploit

26.10.2017

KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection 

Exploit

25.10.2017

KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24

Bugtraq

25.10.2017

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24

Bugtraq

25.10.2017

[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24

Bugtraq

25.10.2017

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23

Bugtraq

25.10.2017

[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19

Bugtraq

25.10.2017

[SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19

Bugtraq

25.10.2017

Ransom.BadRabbit

Malware

25.10.2017

VBS.Downloader.C

Malware

25.10.2017

TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities

Vulnerability

25.10.2017

Infineon RSA Library CVE-2017-15361 Cryptographic Security Bypass Vulnerability

Vulnerability

25.10.2017

Symantec Endpoint Encryption CVE-2017-13675 Denial-of-Service Vulnerability

Vulnerability

25.10.2017

Jenkins Build Publisher Plugin Information Disclosure Vulnerability

Vulnerability

25.10.2017

Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities

Vulnerability

25.10.2017

Jenkins Active Choices Plugin HTML Injection Vulnerability

Vulnerability

25.10.2017

Jenkins SCP Publisher Plugin SSH credentials Information Disclosure Vulnerability

Vulnerability

25.10.2017

cURL/libcURL CVE-2017-1000257 Buffer Overflow Vulnerability

Vulnerability

25.10.2017

Symantec Endpoint Encryption CVE-2017-13683 Denial-of-Service Vulnerability

Vulnerability

25.10.2017

Symantec Encryption Desktop CVE-2017-13682 Denial-of-Service Vulnerability

Vulnerability

25.10.2017

Foxit Reader CVE-2017-15771 Remote Buffer Overflow Vulnerability

Vulnerability

25.10.2017

Foxit Reader CVE-2017-15770 Remote Buffer Overflow Vulnerability

Vulnerability

25.10.2017

GNU glibc CVE-2017-15804 Heap Buffer Overflow Vulnerability

Vulnerability

25.10.2017

Multiple F5 BIG-IP Products CVE-2017-6165 Local Information Disclosure Vulnerability

Vulnerability

25.10.2017

Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability

Vulnerability

25.10.2017

Cisco AMP for Endpoints CVE-2017-12317 Local Privilege Escalation Vulnerability

Vulnerability

25.10.2017

FFmpeg CVE-2017-15186 Denial of Service Vulnerability

Vulnerability

25.10.2017

GNU glibc CVE-2017-15671 Local Denial of Service Vulnerability

Vulnerability

25.10.2017

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability

Vulnerability

25.10.2017

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Vulnerability

25.10.2017

OpenSSL CVE-2017-3731 Denial of Service Vulnerability

Vulnerability

25.10.2017

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability

Vulnerability

25.10.2017

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Vulnerability

25.10.2017

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability

Vulnerability

25.10.2017

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability

Vulnerability

25.10.2017

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability

Vulnerability

25.10.2017

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability

Vulnerability

25.10.2017

DUHK attack, continuing a week of named issues

SANS News

25.10.2017

BadRabbit Ransomware Attacks Hitting Russia, Ukraine

Threatpost

25.10.2017

Whois Maintainer Accidentally Makes Password Hashes Available For Download

Threatpost

24.10.2017

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23

Bugtraq

24.10.2017

[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19

Bugtraq

24.10.2017

[SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19

Bugtraq

24.10.2017

Exp.CVE-2017-11826

Malware

24.10.2017

TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities

Vulnerability

24.10.2017

Infineon RSA Library CVE-2017-15361 Cryptographic Security Bypass Vulnerability

Vulnerability

24.10.2017

Symantec Endpoint Encryption CVE-2017-13675 Denial-of-Service Vulnerability

Vulnerability

24.10.2017

Jenkins Build Publisher Plugin Information Disclosure Vulnerability

Vulnerability

24.10.2017

Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities

Vulnerability

24.10.2017

Jenkins Active Choices Plugin HTML Injection Vulnerability

Vulnerability

24.10.2017

Jenkins SCP Publisher Plugin SSH credentials Information Disclosure Vulnerability

Vulnerability

24.10.2017

cURL/libcURL CVE-2017-1000257 Buffer Overflow Vulnerability

Vulnerability

24.10.2017

Symantec Endpoint Encryption CVE-2017-13683 Denial-of-Service Vulnerability

Vulnerability

24.10.2017

Symantec Encryption Desktop CVE-2017-13682 Denial-of-Service Vulnerability

Vulnerability

24.10.2017

Foxit Reader CVE-2017-15770 Remote Buffer Overflow Vulnerability

Vulnerability

24.10.2017

GNU glibc CVE-2017-15804 Heap Buffer Overflow Vulnerability

Vulnerability

24.10.2017

Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability

Vulnerability

24.10.2017

Cisco AMP for Endpoints CVE-2017-12317 Local Privilege Escalation Vulnerability

Vulnerability

24.10.2017

FFmpeg CVE-2017-15186 Denial of Service Vulnerability

Vulnerability

24.10.2017

GNU glibc CVE-2017-15671 Local Denial of Service Vulnerability

Vulnerability

24.10.2017

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability

Vulnerability

24.10.2017

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Vulnerability

24.10.2017

OpenSSL CVE-2017-3731 Denial of Service Vulnerability

Vulnerability

24.10.2017

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability

Vulnerability

24.10.2017

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Vulnerability

24.10.2017

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability

Vulnerability

24.10.2017

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability

Vulnerability

24.10.2017

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability

Vulnerability

24.10.2017

BadRabbit: New ransomware wave hitting RU & UA

SANS News

24.10.2017

Stop relying on file extensions

SANS News

24.10.2017

Latest Sofacy Campaign Targeting Security Researchers

Threatpost

24.10.2017

Polycom - Command Shell Authorization Bypass (Metasploit) 

Exploit

24.10.2017

Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution... 

Exploit

24.10.2017

Unitrends UEB 9 - http api/storage Remote Root (Metasploit) 

Exploit

24.10.2017

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow 

Exploit

24.10.2017

FS OLX Clone - 'catg_id' SQL Injection 

Exploit

24.10.2017

FS Lynda Clone - 'category' SQL Injection 

Exploit

24.10.2017

FS Indiamart Clone - 'keywords' SQL Injection 

Exploit

24.10.2017

FS Groupon Clone - 'category' SQL Injection 

Exploit

24.10.2017

FS Freelancer Clone - 'sk' SQL Injection 

Exploit

24.10.2017

FS Expedia Clone - 'hid' SQL Injection 

Exploit

24.10.2017

FS Food Delivery Script - 'keywords' SQL Injection 

Exploit

24.10.2017

Mikogo 5.4.1.160608 - Local Credentials Disclosure 

Exploit

23.10.2017

Linux.Iotreaper

Malware

23.10.2017

Trojan.Turla.B

Malware

23.10.2017

Is a telco in Brazil hosting an epidemic of open SOCKS proxies?

SANS News

23.10.2017

New Magniber Ransomware Targets South Korea, Asia Pacific

Threatpost

23.10.2017

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow 

Exploit

23.10.2017

CometChat < 6.2.0 BETA 1 - Local File Inclusion 

Exploit

23.10.2017

Logitech Media Server - Cross-Site Scripting 

Exploit

23.10.2017

TP-Link TL-MR3220 - Cross-Site Scripting 

Exploit

23.10.2017

ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service 

Exploit

23.10.2017

Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation 

Exploit

23.10.2017

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow 

Exploit

20.10.2017

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] 2017-10-19

Bugtraq

20.10.2017

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability

Vulnerability

20.10.2017

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Vulnerability

20.10.2017

OpenSSL CVE-2017-3731 Denial of Service Vulnerability

Vulnerability

20.10.2017

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability

Vulnerability

20.10.2017

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Vulnerability

20.10.2017

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability

Vulnerability

20.10.2017

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability

Vulnerability

20.10.2017

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability

Vulnerability

20.10.2017

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability

Vulnerability

20.10.2017

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability

Vulnerability

20.10.2017

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability

Vulnerability

20.10.2017

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability

Vulnerability

20.10.2017

OpenSSL CVE-2016-7052 Denial of Service Vulnerability

Vulnerability

20.10.2017

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability

Vulnerability

20.10.2017

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability

Vulnerability

20.10.2017

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability

Vulnerability

20.10.2017

Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability

Vulnerability

20.10.2017

NTP CVE-2016-7431 Denial of Service Vulnerability

Vulnerability

20.10.2017

OpenSSL CVE-2016-6304 Denial of Service Vulnerability

Vulnerability

20.10.2017

Oracle Java Advanced Management Console CVE-2017-10380 Remote Security Vulnerability

Vulnerability

20.10.2017

Oracle Java SE and JRockit CVE-2017-10356 Local Security Vulnerability

Vulnerability

20.10.2017

Necurs Botnet malspam pushes Locky using DDE attack

SANS News

20.10.2017

Using Yara rules with Volatility 

SANS News

20.10.2017

Google Play Bounty Promises $1,000 Rewards for Flaws in Popular Apps

Threatpost

20.10.2017

Hackers Take Aim at SSH Keys in New Attacks

Threatpost

20.10.2017

Google Advanced Protection Trades Ease-of-Use for Security

Threatpost

20.10.2017

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection 

Exploit

20.10.2017

TP-Link WR940N - Authenticated Remote Code Exploit 

Exploit

20.10.2017

Check_MK 1.2.8p25 - Information Disclosure 

Exploit

20.10.2017

ZKTime Web Software 2.0 - Improper Access Restrictions 

Exploit

20.10.2017

ZKTime Web Software 2.0 - Cross-Site Request Forgery 

Exploit

20.10.2017

Mozilla Firefox < 55 - Denial of Service 

Exploit

19.10.2017

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] 2017-10-19

Bugtraq

19.10.2017

[slackware-security] xorg-server (SSA:2017-291-03) 2017-10-18

Bugtraq

19.10.2017

[slackware-security] wpa_supplicant (SSA:2017-291-02) 2017-10-18

Bugtraq

19.10.2017

[slackware-security] libXres (SSA:2017-291-01) 2017-10-18

Bugtraq

19.10.2017

WebKitGTK+ Security Advisory WSA-2017-0008 2017-10-18

Bugtraq

19.10.2017

SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products 2017-10-18

Bugtraq

19.10.2017

Trojan.Esaprof

Malware

19.10.2017

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Vulnerability

19.10.2017

OpenSSL CVE-2017-3731 Denial of Service Vulnerability

Vulnerability

19.10.2017

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability

Vulnerability

19.10.2017

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Vulnerability

19.10.2017

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability

Vulnerability

19.10.2017

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability

Vulnerability

19.10.2017

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability

Vulnerability

19.10.2017

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability

Vulnerability

19.10.2017

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability

Vulnerability

19.10.2017

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability

Vulnerability

19.10.2017

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability

Vulnerability

19.10.2017

OpenSSL CVE-2016-7052 Denial of Service Vulnerability

Vulnerability

19.10.2017

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability

Vulnerability

19.10.2017

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability

Vulnerability

19.10.2017

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability

Vulnerability

19.10.2017

Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability

Vulnerability

19.10.2017

NTP CVE-2016-7431 Denial of Service Vulnerability

Vulnerability

19.10.2017

OpenSSL CVE-2016-6304 Denial of Service Vulnerability

Vulnerability

19.10.2017

Oracle Java Advanced Management Console CVE-2017-10380 Remote Security Vulnerability

Vulnerability

19.10.2017

Oracle Java SE and JRockit CVE-2017-10356 Local Security Vulnerability

Vulnerability

19.10.2017

RSA Archer GRC CMS Multiple Security Vulnerabilities

Vulnerability

19.10.2017

Oracle Database Server CVE-2016-3506 Remote Security Vulnerability

Vulnerability

19.10.2017

Perl 'perl.c' CVE-2016-2381 Security Bypass Vulnerability

Vulnerability

19.10.2017

lcms2 CVE-2016-10165 Out-of-Bounds Read Denial of Service Vulnerability

Vulnerability

19.10.2017

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability

Vulnerability

19.10.2017

GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability

Vulnerability

19.10.2017

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability

Vulnerability

19.10.2017

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability

Vulnerability

19.10.2017

Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability

Vulnerability

19.10.2017

Cisco WebEx Meetings Server CVE-2017-12296 Cross Site Scripting Vulnerability

Vulnerability

19.10.2017

HSBC-themed malspam uses ISO attachments to push Loki Bot malware

SANS News

19.10.2017

FBI Asks Businesses to Share Details About DDoS Attacks

Threatpost

19.10.2017

Critical Code Execution Flaw Patched in PeopleSoft Core Engine

Threatpost

19.10.2017

Xen - Unbounded Recursion in Pagetable De-typing 

Exploit

19.10.2017

Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities 

Exploit

19.10.2017

Linksys E Series - Multiple Vulnerabilities 

Exploit

19.10.2017

Wordpress Plugin Car Park Booking - SQL Injection 

Exploit

18.10.2017

[SECURITY] [DSA 3999-1] wpa security update 2017-10-16

Bugtraq

18.10.2017

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16

Bugtraq

18.10.2017

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13

Bugtraq

18.10.2017

Advisory X41-2017-010: Command Execution in Shadowsocks-libev 2017-10-13

Bugtraq

18.10.2017

Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks 2017-10-13

Bugtraq

18.10.2017

lcms2 CVE-2016-10165 Out-of-Bounds Read Denial of Service Vulnerability

Vulnerability

18.10.2017

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability

Vulnerability

18.10.2017

GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability

Vulnerability

18.10.2017

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability

Vulnerability

18.10.2017

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability

Vulnerability

18.10.2017

Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability

Vulnerability

18.10.2017

Oracle Java Advanced Management Console CVE-2017-10380 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle E-Business Suite CVE-2017-10417 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle E-Business Suite CVE-2017-10329 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Hotel Mobile CVE-2017-10014 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle E-Business Suite CVE-2017-10330 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Hotel Mobile CVE-2017-10353 Remote Security Vulnerability

Vulnerability

18.10.2017

Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability

Vulnerability

18.10.2017

WPA2 Key Reinstallation Multiple Security Weaknesses

Vulnerability

18.10.2017

Liblouis CVE-2014-8184 Stack Based Buffer Overflow Vulnerability

Vulnerability

18.10.2017

SAP Host Agent CVE-2017-15297 Denial of Service Vulnerability

Vulnerability

18.10.2017

Apache Struts Incomplete Fix Remote Code Execution Vulnerability

Vulnerability

18.10.2017

SAP Point of Sale (POS) Retail Xpress Server Authentication Bypass Vulnerability

Vulnerability

18.10.2017

SAP Customer Relationship Management (CRM) Cross Site Scripting Vulnerability

Vulnerability

18.10.2017

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10418 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Suite8 CVE-2017-10419 Local Security Vulnerability

Vulnerability

18.10.2017

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10373 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality OPERA 5 Property Services CVE-2017-10197 Local Security Vulnerability

Vulnerability

18.10.2017

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10335 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Suite8 CVE-2017-10389 Local Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Cruise Materials Management CVE-2017-10054 Local Security Vulnerability

Vulnerability

18.10.2017

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10366 Remote Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Suite8 CVE-2017-10317 Local Security Vulnerability

Vulnerability

18.10.2017

Oracle Hospitality Cruise Materials Management CVE-2017-10401 Local Security Vulnerability

Vulnerability

18.10.2017

Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory... 

Exploit

18.10.2017

Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback... 

Exploit

18.10.2017

Microsoft Edge Chakra - Accesses to Uninitialized Pointers in... 

Exploit

18.10.2017

Microsoft Edge Chakra JIT - Incorrect GenerateBailOut Calling Patterns 

Exploit

18.10.2017

Microsoft Windows 10 - WLDP/MSHTML CLSID UMCI Bypass 

Exploit

18.10.2017

Microsoft Excel - OLE Arbitrary Code Execution 

Exploit

18.10.2017

Tomcat - Remote Code Execution via JSP Upload Bypass (Metasploit) 

Exploit

18.10.2017

Apple iOS 10.2 (14C92) - Remote Code Execution 

Exploit

18.10.2017

Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution 

Exploit

18.10.2017

OpenText Documentum Content Server - Arbitrary File Download 

Exploit

18.10.2017

OpenText Documentum Content Server - dmr_content Privilege Escalation 

Exploit

18.10.2017

OpenText Documentum Content Server - Arbitrary File Download Privilege Escalation 

Exploit

18.10.2017

OpenText Documentum Content Server - Privilege Escalation 

Exploit

18.10.2017

3CX Phone System 15.5.3554.1 - Directory Traversal 

Exploit

18.10.2017

Shadowsocks - Log File Command Execution 

Exploit

18.10.2017

shadowsocks-libev 3.1.0 - Command Execution 

Exploit

18.10.2017

Linux Kernel - 'AF_PACKET' Use-After-Free 

Exploit

17.10.2017

[SECURITY] [DSA 3999-1] wpa security update 2017-10-16

Bugtraq

17.10.2017

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16

Bugtraq

17.10.2017

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13

Bugtraq

17.10.2017

Ransom.Hermes.B

Malware

17.10.2017

Exp.CVE-2017-11292

Malware

17.10.2017

WPA2 Key Reinstallation Multiple Security Weaknesses

Vulnerability

17.10.2017

Adobe Flash Player CVE-2017-11292 Type Confusion Remote Code Execution Vulnerability

Vulnerability

17.10.2017

AlienVault USM CVE-2017-14956 Cross Site Request Forgery Vulnerability

Vulnerability

17.10.2017

Fortinet FortiWLC CVE-2017-7335 Multiple Cross Site Scripting Vulnerabilities

Vulnerability

17.10.2017

Fortinet FortiMail CVE-2017-7732 Cross Site Scripting Vulnerability

Vulnerability

17.10.2017

Fortinet FortiWLC CVE-2017-7341 OS Command Injection Vulnerability

Vulnerability

17.10.2017

HP Connected Backup CVE-2017-14355 Unspecified Local Privilege Escalation Vulnerability

Vulnerability

17.10.2017

Oracle October 2017 Critical Patch Update Multiple Vulnerabilities

Vulnerability

17.10.2017

MultiFLEX M10a Controller Multiple Security Vulnerabilities

Vulnerability

17.10.2017

SQLite CVE-2017-15286 Denial of Service Vulnerability

Vulnerability

17.10.2017

QEMU CVE-2017-15268 Denial of Service Vulnerability

Vulnerability

17.10.2017

ImageMagick CVE-2017-15281 Denial of Service Vulnerability

Vulnerability

17.10.2017

Atlassian Bamboo CVE-2017-9514 Remote Code Execution Vulnerability

Vulnerability

17.10.2017

Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities

Vulnerability

17.10.2017

NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service Vulnerabilities

Vulnerability

17.10.2017

Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Stack Based Buffer Overflow Vulnerabilities

Vulnerability

17.10.2017

Envitech EnviDAS Ultimate CVE-2017-9625 Authentication Bypass Vulnerability

Vulnerability

17.10.2017

Multiple Siemens Products Authentication Bypass and Directory Traversal Vulnerabilities

Vulnerability

17.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerability

17.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerability

17.10.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerability

17.10.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerability

17.10.2017

Hancitor malspam uses DDE attack

SANS News

17.10.2017

KRACK ATTACK DEVASTATES WI-FI SECURITY

Threatpost

17.10.2017

Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

Threatpost

17.10.2017

Adobe Patches Flash Zero Day Exploited by Black Oasis APT

Threatpost

17.10.2017

3CX Phone System 15.5.3554.1 - Directory Traversal 

Exploit

17.10.2017

Vulnerabilities 

Exploit

17.10.2017

Windows x64 - API Hooking Shellcode (117 bytes) 

Exploit

17.10.2017

Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution 

Exploit

16.10.2017

[SECURITY] [DSA 3999-1] wpa security update 2017-10-16

Bugtraq

16.10.2017

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16

Bugtraq

16.10.2017

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13

Bugtraq

16.10.2017

Advisory X41-2017-010: Command Execution in Shadowsocks-libev 2017-10-13

Bugtraq

16.10.2017

Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks 2017-10-13

Bugtraq

16.10.2017

Android.Sockbot

Malware

16.10.2017

Exp.CVE-2017-11762

Malware

16.10.2017

Exp.CVE-2017-8727

Malware

16.10.2017

Exp.CVE-2017-11793

Malware

16.10.2017

Exp.CVE-2017-11798

Malware

16.10.2017

Exp.CVE-2017-11800

Malware

16.10.2017

Exp.CVE-2017-11810

Malware

16.10.2017

Exp.CVE-2017-11822

Malware

16.10.2017

Oracle October 2017 Critical Patch Update Multiple Vulnerabilities

Vulnerability

16.10.2017

MultiFLEX M10a Controller Multiple Security Vulnerabilities

Vulnerability

16.10.2017

Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities

Vulnerability

16.10.2017

NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service Vulnerabilities

Vulnerability

16.10.2017

Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Stack Based Buffer Overflow Vulnerabilities

Vulnerability

16.10.2017

Envitech EnviDAS Ultimate CVE-2017-9625 Authentication Bypass Vulnerability

Vulnerability

16.10.2017

Multiple Siemens Products Authentication Bypass and Directory Traversal Vulnerabilities

Vulnerability

16.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerability

16.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerability

16.10.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerability

16.10.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerability

16.10.2017

Oniguruma CVE-2017-9227 Out of Bounds Read Memory Corruption Vulnerability

Vulnerability

16.10.2017

FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability

Vulnerability

16.10.2017

WPA2 "KRACK" Attack

SANS News

16.10.2017

Peeking into .msg files

SANS News

16.10.2017

Cyberespionage Group Steps Up Campaigns Against Japanese Firms

Threatpost

16.10.2017

Hyatt Hit By Credit Card Breach, Again

Threatpost

16.10.2017

AlienVault Unified Security Management (USM) 5.4.2 - Cross-Site Request Forgery 

Exploit

16.10.2017

Webmin 1.850 - Multiple Vulnerabilities 

Exploit

15.10.2017

Multiple vulnerabilities in OpenText Documentum Content Server 2017-10-13

Bugtraq

15.10.2017

[SECURITY] [DSA 3995-1] libxfont security update 2017-10-10

Bugtraq

15.10.2017

Oracle October 2017 Critical Patch Update Multiple Vulnerabilities

Vulnerebility

15.10.2017

MultiFLEX M10a Controller Multiple Security Vulnerabilities

Vulnerebility

15.10.2017

Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities

Vulnerebility

15.10.2017

NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service Vulnerabilities

Vulnerebility

15.10.2017

Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Stack Based Buffer Overflow Vulnerabilities

Vulnerebility

15.10.2017

Envitech EnviDAS Ultimate CVE-2017-9625 Authentication Bypass Vulnerability

Vulnerebility

15.10.2017

Multiple Siemens Products Authentication Bypass and Directory Traversal Vulnerabilities

Vulnerebility

15.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerebility

15.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

15.10.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerebility

15.10.2017

Sync Breeze Enterprise 10.1.16 - Buffer Overflow (SEH) (Metasploit) 

Exploit

15.10.2017

phpMyFAQ 2.9.8 - Cross-Site Scripting 

Exploit

15.10.2017

Dreambox Plugin BouquetEditor - Cross-Site Scripting 

Exploit

15.10.2017

TYPO3 Extension Restler 1.7.0 - Local File Disclosure 

Exploit

15.10.2017

E-Sic Software livre CMS - Cross Site Scripting 

Exploit

15.10.2017

E-Sic Software livre CMS - 'f' Parameter SQL Injection 

Exploit

15.10.2017

E-Sic Software livre CMS - 'cpfcnpj' Parameter SQL Injection 

Exploit

15.10.2017

E-Sic Software livre CMS - Authentication Bypass

Exploit

15.10.2017

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes) 

Exploit

13.10.2017

[SECURITY] [DSA 3995-1] libxfont security update 2017-10-10

Bugtraq

13.10.2017

[SECURITY] [DSA 3994-1] nautilus security update 2017-10-08

Bugtraq

13.10.2017

[SECURITY] [DSA 3993-1] tor security update 2017-10-06

Bugtraq

13.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerebility

13.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

13.10.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerebility

13.10.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerebility

13.10.2017

Oniguruma CVE-2017-9227 Out of Bounds Read Memory Corruption Vulnerability

Vulnerebility

13.10.2017

FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavformat/asfdec_f.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg CVE-2017-14171 Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavformat/mov.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavutil/pixdesc.c' NULL pointer Dereference Remote Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavformat/mxfdec.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavformat/mxfdec.c' Security Bypass Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavformat/asfdec_f.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg CVE-2017-14055 Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg 'libavformat/rmdec.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg CVE-2017-14058 Denial of Service Vulnerability

Vulnerebility

13.10.2017

FFmpeg CVE-2017-14056 Denial of Service Vulnerability

Vulnerebility

13.10.2017

Linux kernel CVE-2017-14106 Local Denial of Service Vulnerability

Vulnerebility

13.10.2017

Linux Kernel 'mm/migrate.c' Local Information Disclosure Vulnerability

Vulnerebility

13.10.2017

Xen CVE-2017-12134 Memory Corruption Vulnerability

Vulnerebility

13.10.2017

GNU Binutils CVE-2017-14939 Remote Denial of Service Vulnerability

Vulnerebility

13.10.2017

Wireshark MBIM Dissector 'epan/dissectors/packet-mbim.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

Intel Bootguard CVE-2017-5722 Local Security Bypass Vulnerability

Vulnerebility

13.10.2017

Wireshark BT ATT Dissector 'epan/dissectors/packet-btatt.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

ImageMagick CVE-2017-15218 Denial of Service Vulnerability

Vulnerebility

13.10.2017

ImageMagick 'coders/sgi.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

Wireshark RTSP Dissector 'epan/dissectors/packet-rtsp.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

Wireshark DOCSIS Dissector '/docsis/packet-docsis.c' Denial of Service Vulnerability

Vulnerebility

13.10.2017

Wireshark DMP Dissector CVE-2017-15191 Denial of Service Vulnerability

Vulnerebility

13.10.2017

Version control tools aren't only for Developers

SANS News

13.10.2017

Locky Gets Updated to ‘Ykcol’, Part of Rapid-Fire Spam Campaigns

Threatpost

13.10.2017

Equifax Takes Down Compromised Page Redirecting to Adware Download

Threatpost

13.10.2017

OctoberCMS 1.0.425 (Build 425) - Cross-Site Scripting 

Exploit

10.10.2017

GNU Binutils CVE-2017-14939 Remote Denial of Service Vulnerability

Vulnerebility

10.10.2017

SAP NetWeaver Mobile Client Information Disclosure Vulnerability

Vulnerebility

10.10.2017

SAP NetWeaver Mobile Client Information Disclosure Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows CVE-2017-11829 Local Privilege Escalation Vulnerability

Vulnerebility

10.10.2017

SAP NetWeaver System Landscape Directory Information Disclosure Vulnerability

Vulnerebility

10.10.2017

SAP ERP Remote Authorization Bypass Vulnerability

Vulnerebility

10.10.2017

SAP Customer Relationship Management (CRM) IC WebClient Unspecified Spoofing Vulnerability

Vulnerebility

10.10.2017

SAP NetWeaver Instance Agent Service Memory Corruption Vulnerability

Vulnerebility

10.10.2017

SAP Netweaver Web Dynpro ABAP Denial of Service Vulnerability

Vulnerebility

10.10.2017

SAP Customer Relationship Management Mail Form Editor Cross Site Scripting Vulnerability

Vulnerebility

10.10.2017

SAP NetWeaver Instance Agent Service Information Disclosure Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows DNSAPI CVE-2017-11779 Remote Code Execution Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows Subsystem for Linux CVE-2017-8703 Local Denial of Service Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows Device Guard CVE-2017-8715 Local Security Bypass Vulnerability

Vulnerebility

10.10.2017

Microsoft Jet Database Engine CVE-2017-8718 Buffer Overflow Vulnerability

Vulnerebility

10.10.2017

Microsoft Jet Database Engine CVE-2017-8717 Buffer Overflow Vulnerability

Vulnerebility

10.10.2017

Microsoft Skype for Business CVE-2017-11786 Privilege Escalation Vulnerability

Vulnerebility

10.10.2017

Microsoft SharePoint Server CVE-2017-11777 Cross Site Scripting Vulnerability

Vulnerebility

10.10.2017

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows Kernel CVE-2017-11785 Local Information Disclosure Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows Kernel CVE-2017-11784 Local Information Disclosure Vulnerability

Vulnerebility

10.10.2017

Microsoft ChakraCore Scripting Engine CVE-2017-11801 Remote Memory Corruption Vulnerability

Vulnerebility

10.10.2017

Microsoft ChakraCore Scripting Engine CVE-2017-11797 Remote Memory Corruption Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows CVE-2017-11783 Local Privilege Escalation Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows SMB Server CVE-2017-11782 Remote Privilege Escalation Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows Shell CVE-2017-8727 Remote Code Execution Vulnerability

Vulnerebility

10.10.2017

Microsoft Internet Explorer CVE-2017-11793 Remote Memory Corruption Vulnerability

Vulnerebility

10.10.2017

Microsoft Windows SMB Server CVE-2017-11781 Denial of Service Vulnerability

Vulnerebility

10.10.2017

Microsoft Edge Scripting Engine CVE-2017-11812 Remote Memory Corruption Vulnerability

Vulnerebility

10.10.2017

Microsoft Edge Scripting Engine CVE-2017-11811 Remote Memory Corruption Vulnerability

Vulnerebility

10.10.2017

FormBook Malware Targets US Defense Contractors, Aerospace and Manufacturing Sectors

Threatpost

10.10.2017

NFL Players, Agents Targeted in Database Extortion Attempt

Threatpost

10.10.2017

IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit) 

Exploit

10.10.2017

Complain Management System - Hard-Coded Credentials / Blind SQL injection 

Exploit

10.10.2017

ClipShare 7.0 - SQL Injection 

Exploit

9.10.2017

[SECURITY] [DSA 3994-1] nautilus security update 2017-10-08

Bugtraq

9.10.2017

[SECURITY] [DSA 3993-1] tor security update 2017-10-06

Bugtraq

9.10.2017

[slackware-security] xorg-server (SSA:2017-279-03) 2017-10-06

Bugtraq

9.10.2017

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability

Vulnerebility

9.10.2017

RSA Archer GRC CMS Multiple Security Vulnerabilities

Vulnerebility

9.10.2017

Ruby CVE-2017-14033 Buffer Underrun Vulnerability

Vulnerebility

9.10.2017

Ruby CVE-2017-14064 Arbitrary Memory Disclosure Vulnerability

Vulnerebility

9.10.2017

RubyGems CVE-2017-0899 Security Bypass Vulnerability

Vulnerebility

9.10.2017

RubyGems CVE-2017-0901 Local Arbitrary File Overwrite Vulnerability

Vulnerebility

9.10.2017

Ruby CVE-2017-0898 Buffer Underrun Vulnerability

Vulnerebility

9.10.2017

RubyGems CVE-2017-0900 Denial of Service Vulnerability

Vulnerebility

9.10.2017

Curl CVE-2017-1000254 Out of Bounds Read Denial of Service Vulnerability

Vulnerebility

9.10.2017

cURL CVE-2017-1000101 Out of Bounds Read Information Disclosure Vulnerability

Vulnerebility

9.10.2017

cURL/libcURL CVE-2017-1000100 Heap Based Buffer Overflow Vulnerability

Vulnerebility

9.10.2017

GNOME Nautilus CVE-2017-14604 Arbitrary Command Execution Vulnerability

Vulnerebility

9.10.2017

Symantec Endpoint Encryption CVE-2017-13675 Denial-of-Service Vulnerability

Vulnerebility

9.10.2017

EMC Network Configuration Manager CVE-2017-8017 Cross Site Scripting Vulnerability

Vulnerebility

9.10.2017

Microsoft Windows WAV File Handling Denial of Service Vulnerability

Vulnerebility

9.10.2017

Magento CMS Multiple Security Vulnerabilities

Vulnerebility

9.10.2017

A strange JPEG file

SANS News

9.10.2017

Base64 All The Things!

SANS News

9.10.2017

Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery 

Exploit

9.10.2017

PyroBatchFTP 3.17 - Buffer Overflow (SEH) 

Exploit

9.10.2017

OrientDB 2.2.2 - 2.2.22 - Remote Code Execution (Metasploit) 

Exploit

9.10.2017

Rancher Server - Docker Daemon Code Execution (Metasploit) 

Exploit

9.10.2017

Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery 

Exploit

8.10.2017

[slackware-security] xorg-server (SSA:2017-279-03) 2017-10-06

Bugtraq

8.10.2017

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1 2017-10-05

Bugtraq

8.10.2017

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03

Bugtraq

8.10.2017

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02

Bugtraq

8.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

8.10.2017

Win32/Filecoder.FS

Malware

8.10.2017

Win32/Ceatrg.A

Malware

8.10.2017

MSIL/Filecoder.FF

Malware

8.10.2017

Win32/Delf.TSU

Malware

8.10.2017

Win32/Spy.Small.NDA

Malware

8.10.2017

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability

Vulnerebility

8.10.2017

Microsoft Windows WAV File Handling Denial of Service Vulnerability

Vulnerebility

8.10.2017

Magento CMS Multiple Security Vulnerabilities

Vulnerebility

8.10.2017

Adobe Flash Player and AIR CVE-2014-0569 Integer Overflow Vulnerability

Vulnerebility

8.10.2017

Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability

Vulnerebility

8.10.2017

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability

Vulnerebility

8.10.2017

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises

SANS News

8.10.2017

Security Industry Failing to Establish Trust

Threatpost

6.10.2017

[slackware-security] xorg-server (SSA:2017-279-03) 2017-10-06

Bugtraq

6.10.2017

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1 2017-10-05

Bugtraq

6.10.2017

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03

Bugtraq

6.10.2017

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02

Bugtraq

6.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

6.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

6.10.2017

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30

Bugtraq

6.10.2017

Backdoor.Korplug.E

Malware

6.10.2017

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability

Vulnerebility

6.10.2017

Magento CMS Multiple Security Vulnerabilities

Vulnerebility

6.10.2017

Adobe Flash Player and AIR CVE-2014-0569 Integer Overflow Vulnerability

Vulnerebility

6.10.2017

Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2014-8439 Remote Code Execution Vulnerability

Vulnerebility

6.10.2017

Microsoft Windows CVE-2015-0016 Remote Privilege Escalation Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-0311 Use After Free Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-0313 Remote Code Execution Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-0336 Type Confusion Remote Code Execution Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player APSB15-06 Multiple Remote Code Execution Vulnerabilities

Vulnerebility

6.10.2017

Apple macOS CVE-2017-7150 Security Bypass Vulnerability

Vulnerebility

6.10.2017

GE CIMPLICITY CVE-2017-12732 Stack Based Buffer Overflow Vulnerability

Vulnerebility

6.10.2017

Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player and AIR Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

6.10.2017

Adobe Flash Player and AIR CVE-2015-3104 Remote Integer Overflow Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player and AIR CVE-2015-3105 Unspecified Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-3113 Unspecified Heap Buffer Overflow Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability

Vulnerebility

6.10.2017

Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability

Vulnerebility

6.10.2017

Ghostscript GhostXPS CVE-2017-9727 Denial of Service Vulnerability

Vulnerebility

6.10.2017

Ghostscript GhostXPS CVE-2017-9726 Denial of Service Vulnerability

Vulnerebility

6.10.2017

Ghostscript GhostXPS CVE-2017-9612 Heap Buffer Overflow Vulnerability

Vulnerebility

6.10.2017

Ghostscript GhostXPS CVE-2017-9739 Heap Buffer Overflow Vulnerability

Vulnerebility

6.10.2017

Artifex Ghostscript CVE-2017-9835 Heap Buffer Overflow Vulnerability

Vulnerebility

6.10.2017

Ghostscript GhostXPS CVE-2017-9611 Heap Buffer Overflow Vulnerability

Vulnerebility

6.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

6.10.2017

US Top Law Enforcement Calls Strong Encryption a ‘Serious Problem’

Threatpost

6.10.2017

Latin American ATM Thieves Turning to Hacking

Threatpost

6.10.2017

Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow 

Exploit

6.10.2017

Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution 

Exploit

6.10.2017

Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution 

Exploit

6.10.2017

Unitrends UEB 9.1 - Privilege Escalation 

Exploit

6.10.2017

NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution 

Exploit

5.10.2017

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1 2017-10-05

Bugtraq

5.10.2017

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03

Bugtraq

5.10.2017

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02

Bugtraq

5.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

5.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

5.10.2017

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30

Bugtraq

5.10.2017

Mac OS X Local Javascript Quarantine Bypass 2017-09-30

Bugtraq

5.10.2017

[SECURITY] [DSA 3987-1] firefox-esr security update 2017-09-29

Bugtraq

5.10.2017

Trojan.Dubki

Malware

5.10.2017

Trojan.Flusihoc

Malware

5.10.2017

Ransom.Arena

Malware

5.10.2017

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability

Vulnerebility

5.10.2017

Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability

Vulnerebility

5.10.2017

Adobe Flash Player and AIR Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

5.10.2017

Adobe Flash Player and AIR CVE-2015-3104 Remote Integer Overflow Vulnerability

Vulnerebility

5.10.2017

Adobe Flash Player and AIR CVE-2015-3105 Unspecified Memory Corruption Vulnerability

Vulnerebility

5.10.2017

Adobe Flash Player CVE-2015-3113 Unspecified Heap Buffer Overflow Vulnerability

Vulnerebility

5.10.2017

Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability

Vulnerebility

5.10.2017

Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability

Vulnerebility

5.10.2017

Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability

Vulnerebility

5.10.2017

Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability

Vulnerebility

5.10.2017

Ghostscript GhostXPS CVE-2017-9727 Denial of Service Vulnerability

Vulnerebility

5.10.2017

Ghostscript GhostXPS CVE-2017-9726 Denial of Service Vulnerability

Vulnerebility

5.10.2017

Ghostscript GhostXPS CVE-2017-9612 Heap Buffer Overflow Vulnerability

Vulnerebility

5.10.2017

Ghostscript GhostXPS CVE-2017-9739 Heap Buffer Overflow Vulnerability

Vulnerebility

5.10.2017

Artifex Ghostscript CVE-2017-9835 Heap Buffer Overflow Vulnerability

Vulnerebility

5.10.2017

Ghostscript GhostXPS CVE-2017-9611 Heap Buffer Overflow Vulnerability

Vulnerebility

5.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

5.10.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerebility

5.10.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerebility

5.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerebility

5.10.2017

OCaml CVE-2015-8869 Multiple Security Vulnerabilities

Vulnerebility

5.10.2017

QEMU Out of Bounds Read and Write Memory Access CVE-2017-14167 Local Integer Overflow Vulnerability

Vulnerebility

5.10.2017

QEMU 'hw/display/vga.c' Denial of Service Vulnerability

Vulnerebility

5.10.2017

Qemu CVE-2017-12809 Null Pointer Dereference Denial of Service Vulnerability

Vulnerebility

5.10.2017

QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability

Vulnerebility

5.10.2017

QEMU CVE-2017-13711 Denial of Service Vulnerability

Vulnerebility

5.10.2017

Multiple Cisco Products CVE-2017-12226 Remote Privilege Escalation Vulnerability

Vulnerebility

5.10.2017

Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability

Vulnerebility

5.10.2017

Cisco Meeting App CVE-2017-12266 Local Privilege Escalation Vulnerability

Vulnerebility

5.10.2017

Cisco AnyConnect Secure Mobility Client CVE-2017-12268 Local Security Bypass Vulnerability

Vulnerebility

5.10.2017

pcap2curl: Turning a pcap file into a set of cURL commands for "replay" 

SANS News

5.10.2017

Security Awareness Month: How to Help Friends and Family

SANS News

5.10.2017

Securing "Out of Band" Access

SANS News

5.10.2017

Attackers Redefining Objectives, Approaches

Threatpost

5.10.2017

Experts Have Sobering Message on Human Rights, Privacy for Security Pros

Threatpost

5.10.2017

Costin Raiu and Juan Andres Guerrero-Saade on APT Fourth-Party Collection

Threatpost

5.10.2017

Cloudflare CTO Goes Inside the Cloudbleed Bug

Threatpost

5.10.2017

ERS Data System 1.8.1 - Java Deserialization 

Exploit

5.10.2017

NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution 

Exploit

4.10.2017

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03

Bugtraq

4.10.2017

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02

Bugtraq

4.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

4.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

4.10.2017

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30

Bugtraq

4.10.2017

Mac OS X Local Javascript Quarantine Bypass 2017-09-30

Bugtraq

4.10.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

4.10.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerebility

4.10.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerebility

4.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerebility

4.10.2017

OCaml CVE-2015-8869 Multiple Security Vulnerabilities

Vulnerebility

4.10.2017

QEMU Out of Bounds Read and Write Memory Access CVE-2017-14167 Local Integer Overflow Vulnerability

Vulnerebility

4.10.2017

QEMU 'hw/display/vga.c' Denial of Service Vulnerability

Vulnerebility

4.10.2017

Qemu CVE-2017-12809 Null Pointer Dereference Denial of Service Vulnerability

Vulnerebility

4.10.2017

QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability

Vulnerebility

4.10.2017

QEMU CVE-2017-13711 Denial of Service Vulnerability

Vulnerebility

4.10.2017

Multiple Cisco Products CVE-2017-12226 Remote Privilege Escalation Vulnerability

Vulnerebility

4.10.2017

Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability

Vulnerebility

4.10.2017

Tcpdump CVE-2017-12997 Denial of Service Vulnerability

Vulnerebility

4.10.2017

Multiple EMC Products CVE-2017-8007 Directory Traversal Vulnerability

Vulnerebility

4.10.2017

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability

Vulnerebility

4.10.2017

Samba CVE-2017-12163 Arbitrary File Write Vulnerability

Vulnerebility

4.10.2017

Zoho Site24x7 Mobile Network Poller SSL Certificate Validation Security Bypass Vulnerability

Vulnerebility

4.10.2017

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability

Vulnerebility

4.10.2017

IBM Spectrum Protect CVE-2017-1301 Insecure Temporary File Creation Vulnerability

Vulnerebility

4.10.2017

Google Android Media Framework Components Multiple Security Vulnerabilities

Vulnerebility

4.10.2017

Google Android Framework CVE-2017-0806 Security Bypass Vulnerability

Vulnerebility

4.10.2017

Five Critical Android Bugs Get Patched in October Update

Threatpost

4.10.2017

Google Warns of DoS and RCE Bugs in Dnsmasq

Threatpost

4.10.2017

ERS Data System 1.8.1 - Java Deserialization 

Exploit

4.10.2017

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass /... 

Exploit

4.10.2017

EPESI 1.8.2 rev20170830 - Cross-Site Scripting 

Exploit

4.10.2017

DiskBoss Enterprise 8.4.16 - Local Buffer Overflow 

Exploit

3.10.2017

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02

Bugtraq

3.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

3.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

3.10.2017

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30

Bugtraq

3.10.2017

Mac OS X Local Javascript Quarantine Bypass 2017-09-30

Bugtraq

3.10.2017

[SECURITY] [DSA 3987-1] firefox-esr security update 2017-09-29

Bugtraq

3.10.2017

[SECURITY] [DSA 3986-1] ghostscript security update 2017-09-29

Bugtraq

3.10.2017

Tcpdump CVE-2017-12997 Denial of Service Vulnerability

Vulnerebility

3.10.2017

Multiple EMC Products CVE-2017-8007 Directory Traversal Vulnerability

Vulnerebility

3.10.2017

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability

Vulnerebility

3.10.2017

Samba CVE-2017-12163 Arbitrary File Write Vulnerability

Vulnerebility

3.10.2017

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability

Vulnerebility

3.10.2017

Google Android Framework CVE-2017-0806 Security Bypass Vulnerability

Vulnerebility

3.10.2017

Dnsmasq VU#973527 Multiple Security Vulnerabilities

Vulnerebility

3.10.2017

Multiple Wordpress Plugins PHP Object Injection Vulnerability

Vulnerebility

3.10.2017

SolarWinds Network Performance Monitor CVE-2017-9537 Multiple HTML Injection Vulnerabilities

Vulnerebility

3.10.2017

SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service Vulnerability

Vulnerebility

3.10.2017

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities

Vulnerebility

3.10.2017

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities

Vulnerebility

3.10.2017

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability

Vulnerebility

3.10.2017

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities

Vulnerebility

3.10.2017

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability

Vulnerebility

3.10.2017

Microsoft Internet Explorer CVE-2016-0189 Scripting Engine Remote Memory Corruption Vulnerability

Vulnerebility

3.10.2017

Adobe Flash Player CVE-2016-4117 Unspecified Remote Code Execution Vulnerability

Vulnerebility

3.10.2017

Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability

Vulnerebility

3.10.2017

Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability

Vulnerebility

3.10.2017

Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities

Vulnerebility

3.10.2017

TrendMicro OfficeScan Multiple Security Vulnerabilities

Vulnerebility

3.10.2017

Trend Micro OfficeScan CVE-2017-14087 Host Header Injection Vulnerability

Vulnerebility

3.10.2017

IBM WebSphere Commerce CVE-2017-1569 Unspecified Denial of Service Vulnerability

Vulnerebility

3.10.2017

Trend Micro OfficeScan CVE-2017-14084 Remote Code Execution Vulnerability

Vulnerebility

3.10.2017

Xen Information Disclosure Vulnerability

Vulnerebility

3.10.2017

Git CVE-2017-14867 OS Command Injection Vulnerability

Vulnerebility

3.10.2017

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Vulnerebility

3.10.2017

IBM Insights Foundation for Energy CVE-2017-1311 Unspecified SQL Injection Vulnerability

Vulnerebility

3.10.2017

Mozilla Firefox Multiple Security Vulnerabilities

Vulnerebility

3.10.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerebility

3.10.2017

Malspam pushing Formbook info stealer

SANS News

3.10.2017

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

Threatpost

3.10.2017

Judge: FBI Can Keep iPhone Crack and Price Secret

Threatpost

3.10.2017

Gary McGraw on BSIMM8 and Software Security

Threatpost

3.10.2017

Apple Mac OS X + Safari - Local Javascript Quarantine Bypass 

Exploit

3.10.2017

Fiberhome AN5506-04-F - Command Injection 

Exploit

3.10.2017

UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code... 

Exploit

3.10.2017

Qmail SMTP - Bash Environment Variable Injection (Metasploit) 

Exploit

3.10.2017

OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection 

Exploit

3.10.2017

OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection 

Exploit

3.10.2017

phpCollab 2.5.1 - SQL Injection phpCollab 2.5.1 - Arbitrary File Upload 

Exploit

3.10.2017

NPM-V (Network Power Manager) 2.4.1 - Password Reset 

Exploit

3.10.2017

UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape 

Exploit

3.10.2017

UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation 

Exploit

3.10.2017

Dnsmasq < 2.78 - Integer Underflow 

Exploit

3.10.2017

Dnsmasq < 2.78 - Lack of free() Denial of Service 

Exploit

3.10.2017

Dnsmasq < 2.78 - Information Leak 

Exploit

3.10.2017

Dnsmasq < 2.78 - Stack-Based Overflow 

Exploit

3.10.2017

Dnsmasq < 2.78 - Heap-Based Overflow 

Exploit

3.10.2017

Dnsmasq < 2.78 - 2-byte Heap-Based Overflow 

Exploit

3.10.2017

Linux Kernel < 4.14.rc3 - Local Denial of Service 

Exploit

2.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

2.10.2017

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01

Bugtraq

2.10.2017

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30

Bugtraq

2.10.2017

Mac OS X Local Javascript Quarantine Bypass 2017-09-30

Bugtraq

2.10.2017

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability

Vulnerebility

2.10.2017

SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service Vulnerability

Vulnerebility

2.10.2017

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities

Vulnerebility

2.10.2017

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities

Vulnerebility

2.10.2017

Investigating Security Incidents with Passive DNS

SANS News

2.10.2017

Linux Kernel < 4.14.rc3 - Local Denial of Service 

Exploit

2.10.2017

Sync Breeze Enterprise 10.0.28 - Buffer Overflow 

Exploit

2.10.2017

HBGK DVR 3.0.0 build20161206 - Authentication Bypass 

Exploit

2.10.2017

ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download 

Exploit

2.10.2017

Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection 

Exploit

2.10.2017

PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection 

Exploit

2.10.2017

WordPress Plugin WPHRM - SQL Injection 

Exploit

2.10.2017

SmarterStats 11.3.6347 - Cross-Site Scripting 

Exploit

1.10.2017

CVE-2017-14087 Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection (apparitionsec / hyp3rlinx) 2017-09-28

Bugtraq

1.10.2017

[security bulletin] HPESBGN03773 rev.2 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-28

Bugtraq

1.10.2017

CVE-2017-14084 Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution (apparitionsec / hyp3rlinx) 2017-09-28

Bugtraq

1.10.2017

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities

Vulnerebility

1.10.2017

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities

Vulnerebility

1.10.2017

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability

Vulnerebility

1.10.2017

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities

Vulnerebility

1.10.2017

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability

Vulnerebility

1.10.2017

Who's Borrowing your Resources?

SANS News

1.10.2017

Good Analysis = Understanding(tools + logs + normal)

SANS News

1.10.2017

Siemens Patches Improper Access Vulnerability in Ruggedcom Protocol

Threatpost

1.10.2017

ICANN Postpones Scheduled DNS Crypto Key Rollover

Threatpost

 

29.9.2017

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities

Vulnerebility

29.9.2017

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability

Vulnerebility

29.9.2017

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities

Vulnerebility

29.9.2017

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability

Vulnerebility

29.9.2017

Microsoft Internet Explorer CVE-2016-0189 Scripting Engine Remote Memory Corruption Vulnerability

Vulnerebility

29.9.2017

Adobe Flash Player CVE-2016-4117 Unspecified Remote Code Execution Vulnerability

Vulnerebility

29.9.2017

Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability

Vulnerebility

29.9.2017

Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability

Vulnerebility

29.9.2017

Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities

Vulnerebility

29.9.2017

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities

Vulnerebility

29.9.2017

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities

Vulnerebility

29.9.2017

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability

Vulnerebility

29.9.2017

Perl CVE-2017-12814 Stack Based Buffer Overflow Vulnerability

Vulnerebility

29.9.2017

WordPress 2kb Amazon Affiliates Store Plugin Multiple Cross Site Scripting Vulnerabilities

Vulnerebility

29.9.2017

libvorbis CVE-2017-14160 Denial of Service Vulnerability

Vulnerebility

29.9.2017

Multiple Siemens Products Discovery Protocol CVE-2017-12736 Remote Security Bypass Vulnerability

Vulnerebility

29.9.2017

Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability

Vulnerebility

29.9.2017

Apache Struts CVE-2017-9793 Denial of Service Vulnerability

Vulnerebility

29.9.2017

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability

Vulnerebility

29.9.2017

Apache Struts Spring AOP Functionality Denial of Service Vulnerability

Vulnerebility

29.9.2017

Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability

Vulnerebility

29.9.2017

Apache Struts CVE-2017-7672 Denial of Service Vulnerability

Vulnerebility

29.9.2017

Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability

Vulnerebility

29.9.2017

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability

Vulnerebility

29.9.2017

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities

Vulnerebility

29.9.2017

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability

Vulnerebility

29.9.2017

Cisco IOS Software CVE-2017-12232 Denial of Service Vulnerability

Vulnerebility

29.9.2017

Cisco IOS Software CVE-2017-12235 Denial of Service Vulnerability

Vulnerebility

29.9.2017

Multiple Cisco Products CVE-2017-12239 Local Unauthorized Access Vulnerability

Vulnerebility

29.9.2017

Cisco IOS Software for Cisco Catalyst 6800 Series Switches Denial of Service Vulnerability

Vulnerebility

29.9.2017

Civil Liberties Activists Hit By Phishing Campaign

Threatpost

29.9.2017

Google to Enforce HSTS on TLDs it Operates

Threatpost

29.9.2017

Macs Not Receiving EFI Firmware Security Updates as Expected

Threatpost

29.9.2017

The easy way to analyze huge amounts of PCAP data

SANS News

29.9.2017

Trojan.Starloader

Malware

29.9.2017

FileRun <= 2017.09.18 - SQL Injection 

Exploit

29.9.2017

Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption 

Exploit

29.9.2017

Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection 

Exploit

29.9.2017

Roteador Wireless Intelbras WRN150 - Authentication Bypass

Exploit

29.9.2017

Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection 

Exploit

29.9.2017

Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery 

Exploit

29.9.2017

Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure 

Exploit

29.9.2017

Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption 

Exploit

29.9.2017

Trend Micro OfficeScan 11.0/XG (12.0) - Private Key Disclosure 

Exploit

29.9.2017

Roteador Wireless Intelbras WRN150 - Authentication Bypass

Exploit

29.9.2017

Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection 

Exploit

29.9.2017

CVE-2017-14087 Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection (apparitionsec / hyp3rlinx) 2017-09-28

Bugtraq

29.9.2017

[security bulletin] HPESBGN03773 rev.2 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-28

Bugtraq

29.9.2017

CVE-2017-14084 Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution (apparitionsec / hyp3rlinx) 2017-09-28

Bugtraq

29.9.2017

[CVE-2017-9538] Persistent Application Denial of Service 2017-09-29

Bugtraq

29.9.2017

[CVE-2017-9537] Persistent Cross-Site Scripting Vulnerabilities 2017-09-29

Bugtraq

29.9.2017

Faleemi FSC-880 Multiple Security Vulnerabilities 2017-09-27

Bugtraq

28.9.2017

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability

Vulnerebility

28.9.2017

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities

Vulnerebility

28.9.2017

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability

Vulnerebility

28.9.2017

Microsoft Internet Explorer CVE-2016-0189 Scripting Engine Remote Memory Corruption Vulnerability

Vulnerebility

28.9.2017

Adobe Flash Player CVE-2016-4117 Unspecified Remote Code Execution Vulnerability

Vulnerebility

28.9.2017

Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability

Vulnerebility

28.9.2017

Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability

Vulnerebility

28.9.2017

Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities

Vulnerebility

28.9.2017

libvorbis CVE-2017-14160 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Multiple Siemens Products Discovery Protocol CVE-2017-12736 Remote Security Bypass Vulnerability

Vulnerebility

28.9.2017

Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability

Vulnerebility

28.9.2017

Apache Struts CVE-2017-9793 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability

Vulnerebility

28.9.2017

Apache Struts Spring AOP Functionality Denial of Service Vulnerability

Vulnerebility

28.9.2017

Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability

Vulnerebility

28.9.2017

Apache Struts CVE-2017-7672 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability

Vulnerebility

28.9.2017

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability

Vulnerebility

28.9.2017

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities

Vulnerebility

28.9.2017

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability

Vulnerebility

28.9.2017

Cisco IOS Software CVE-2017-12232 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Cisco IOS Software CVE-2017-12235 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Multiple Cisco Products CVE-2017-12239 Local Unauthorized Access Vulnerability

Vulnerebility

28.9.2017

Cisco IOS Software for Cisco Catalyst 6800 Series Switches Denial of Service Vulnerability

Vulnerebility

28.9.2017

Cisco IOS Software CVE-2017-12231 Remote Denial of Service Vulnerability

Vulnerebility

28.9.2017

Cisco IOS Software Common Industrial Protocol Multiple Denial of Service Vulnerabilities

Vulnerebility

28.9.2017

Cisco IOS and IOS XE Software CVE-2017-12237 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Cisco IOS XE Software CVE-2017-12230 Privilege Escalation Vulnerability

Vulnerebility

28.9.2017

Cisco IOS XE Software CVE-2017-12222 Denial of Service Vulnerability

Vulnerebility

28.9.2017

Cisco IOS and IOS XE Software CVE-2017-12240 Buffer Overflow Vulnerability

Vulnerebility

28.9.2017

Gatekeeper Alone Won’t Mitigate Apple Keychain Attack

Threatpost

28.9.2017

MSIL/Spy.Netpune.A

Malware

28.9.2017

MSIL/Spy.RinLog.A

Malware

28.9.2017

Win32/TrojanProxy.Hioles.AD

Malware

28.9.2017

Win32/Emotet.AW

Malware

28.9.2017

Win32/TrickBot.V

Malware

28.9.2017

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code... 

Exploit

28.9.2017

LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit) 

Exploit

27.9.2017

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability

Vulnerebility

27.9.2017

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities

Vulnerebility